PT-2018-4590 · Ibm+1 · Ibm Security Guardium Database Activity Monitor+1

Chris Shepherd

+6

·

Publicado

2018-03-12

·

Atualizado

2018-04-04

·

CVE-2016-0235

CVSS v3.1

8.2

Alta

VetorAV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions IBM Security Guardium Database Activity Monitor version 10
Description The issue allows local users to have an unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems.
Recommendations For IBM Security Guardium Database Activity Monitor version 10, consider changing the hardcoded password to a unique and secure password to prevent potential exploitation. As a temporary workaround, restrict access to the system to minimize the risk of unauthorized administrator access.

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798

Identificadores relacionados

CVE-2016-0235

Produtos afetados

Grub
Ibm Security Guardium Database Activity Monitor